doc updates, cleanups

git-svn: trunk@400
22 years ago · fb787a061a
parent 13c03b4901
commit fb787a061a
14 changed files with 189 additions and 18 deletions
--- a/clamav-devel/ChangeLog
+++ b/clamav-devel/ChangeLog
@ -1,3 +1,9 @@
+Sun Mar 14 21:48:25 CET 2004 (tk)
+---------------------------------
+  * etc/clamav.conf: ScanOLE2 enabled by default
+  * doc: manuals updated
+  * fixed gcc warnings
+
 Sat Mar 13 23:14:44 CET 2004 (tk)
 ---------------------------------
  * doc: clamdoc.pdf - updated (for 0.70) and slightly reorganized
--- a/clamav-devel/NEWS
+++ b/clamav-devel/NEWS
@ -2,6 +2,73 @@ Note: This README/NEWS file refers to the source tarball. Some things described
 here may not be available in binary packages.
 --

+
+0.70
+----
+
+The two major changes in this version are new thread manager in clamd
+and support for decoding MS Office VBA macros. Both of them have been
+implemented by Trog. Besides, there are many improvements and bugfixes
+(all listed in ChangeLog), a short summary:
+
+-) clamd
+    + new thread manager (with better SMP support)
+    + on-access scanning now also available on FreeBSD (with Dazuko 2.0)
+    + new directive: ArchiveDetectEncrypted
+    + handle SIGHUP (re-open logfile), SIGUSR2 (reload database)
+
+-) clamav-milter:
+    + TCPWrappers support
+
+-) libclamav:
+    + support for MS Office documents (OLE2) and VBA macros decompression
+    + support for encrypted archive detection
+    + new flags: CL_OLE2, CL_ENCRYPTED (see clamdoc.pdf, Section 6.1)
+    + improved support for mail files (especially bounces)
+    + improved RAR support
+
+-) clamscan:
+    + new option: --detect-encrypted
+
+-) freshclam
+    + new option: --pid, -p (write pid file if run as daemon)
+    + handle SIGHUP (re-open logfile), SIGTERM (terminate with log message),
+      SIGALRM and SIGUSR1 (wake up and check mirror)
+    + fixed bug with -u and -c handling
+
+-) documentation:
+    + new Polish documentation on ClamAV and Samba integration
+    + official documentation updated
+
+
+Special thanks to Dirk Mueller <mueller*kde.org> for the code review and
+many bugfixes and cleanups.
+
+
+We are happy to announce new programs that support ClamAV (all of them
+have been reviewed by our team):
+    + j-chkmail - a powerful filter for sendmail
+    + qscanq - Virus Scanning for Qmail
+    + clamavr - Ruby binding for ClamAV
+    + DansGuardian Anti-Virus Plugin
+    + ClamAssassin - a filter for procmail
+    + Gadoyanvirus - a filter for Qmail
+    + OpenProtect - a complete e-mail protection solution
+    + POP3 Virus Scanner Daemon
+    + mailman-clamav - a virus filter for Mailman
+    + wbmclamav - a webmin module to manage ClamAV
+    + Scan Log Analyzer
+    + mailgraph - a RRDtool frontend for Postfix Statistics
+    + INSERT - a security toolkit on a credit card size CD
+    + Local Area Security - a Live CD Linux distribution
+
+
+--
+The ClamAV team (http://www.clamav.net/team.html)
+March 14, 2004
+
+
+
 0.67
 ----
 This release fixes a memory management problem (platform dependent; can lead
--- a/clamav-devel/README
+++ b/clamav-devel/README
@ -6,9 +6,47 @@ here may not be available in binary packages.
 0.70
 ----

+The two major changes in this version are new thread manager in clamd
+and support for decoding MS Office VBA macros. Both of them have been
+implemented by Trog. Besides, there are many improvements and bugfixes
+(all listed in ChangeLog), a short summary:
+
+-) clamd
+    + new thread manager (with better SMP support)
+    + on-access scanning now also available on FreeBSD (with Dazuko 2.0)
+    + new directive: ArchiveDetectEncrypted
+    + handle SIGHUP (re-open logfile), SIGUSR2 (reload database)
+
+-) clamav-milter:
+    + TCPWrappers support
+
+-) libclamav:
+    + support for MS Office documents (OLE2) and VBA macros decompression
+    + support for encrypted archive detection
+    + new flags: CL_OLE2, CL_ENCRYPTED (see clamdoc.pdf, Section 6.1)
+    + improved support for mail files (especially bounces)
+    + improved RAR support
+
+-) clamscan:
+    + new option: --detect-encrypted
+
+-) freshclam
+    + new option: --pid, -p (write pid file if run as daemon)
+    + handle SIGHUP (re-open logfile), SIGTERM (terminate with log message),
+      SIGALRM and SIGUSR1 (wake up and check mirror)
+    + fixed bug with -u and -c handling
+
+-) documentation:
+    + new Polish documentation on ClamAV and Samba integration
+    + official documentation updated
+
+
+Special thanks to Dirk Mueller <mueller*kde.org> for the code review and
+many bugfixes and cleanups.
+

 We are happy to announce new programs that support ClamAV (all of them
-have been reviewed by us):
+have been reviewed by our team):
    + j-chkmail - a powerful filter for sendmail
    + qscanq - Virus Scanning for Qmail
    + clamavr - Ruby binding for ClamAV
@ -25,6 +63,9 @@ have been reviewed by us):
    + Local Area Security - a Live CD Linux distribution


+--
+The ClamAV team (http://www.clamav.net/team.html)
+March 14, 2004



--- a/clamav-devel/clamd/clamuko.c
+++ b/clamav-devel/clamd/clamuko.c
@ -61,7 +61,7 @@ void *clamukoth(void *arg)
 {
 	struct thrarg *tharg = (struct thrarg *) arg;
 	sigset_t sigset;
-	char *virname;
+	const char *virname;
        struct sigaction act;
 	unsigned long mask = 0;
 	const struct cfgstruct *pt;
--- a/clamav-devel/clamd/others.h
+++ b/clamav-devel/clamd/others.h
@ -19,6 +19,10 @@
 #ifndef __CLAMD_OTHERS_H
 #define __CLAMD_OTHERS_H

+#if HAVE_CONFIG_H
+#include "clamav-config.h"
+#endif
+
 #include <stdlib.h>
 #include "cfgfile.h"

--- a/clamav-devel/clamd/scanner.c
+++ b/clamav-devel/clamd/scanner.c
@ -57,7 +57,7 @@ int checksymlink(const char *path)
 }

 /* :set nowrap, if you don't like this style ;)) */
-int dirscan(const char *dirname, char **virname, unsigned long int *scanned, const struct cl_node *root, const struct cl_limits *limits, int options, const struct cfgstruct *copt, int odesc, unsigned int *reclev, short contscan)
+int dirscan(const char *dirname, const char **virname, unsigned long int *scanned, const struct cl_node *root, const struct cl_limits *limits, int options, const struct cfgstruct *copt, int odesc, unsigned int *reclev, short contscan)
 {
 	DIR *dd;
 	struct dirent *dent;
@ -132,7 +132,7 @@ int scan(const char *filename, unsigned long int *scanned, const struct cl_node
 {
 	struct stat sb;
 	int ret = 0, reclev = 0;
-	char *virname;
+	const char *virname;


    /* check permissions  */
@ -189,7 +189,8 @@ int scanstream(int odesc, unsigned long int *scanned, const struct cl_node *root
 	int ret, portscan = CL_DEFAULT_MAXPORTSCAN, sockfd, port, acceptd, tmpd, bread, retval;
 	long int size = 0, maxsize = 0;
 	short bound = 0;
-	char *virname, buff[32768];
+	const char *virname;
+	char buff[32768];
 	struct sockaddr_in server;
 	struct cfgstruct *cpt;
 	FILE *tmp = NULL;
--- a/clamav-devel/clamd/scanner.h
+++ b/clamav-devel/clamd/scanner.h
@ -22,7 +22,7 @@
 #include <clamav.h>
 #include "cfgfile.h"

-int dirscan(const char *dirname, char **virname, unsigned long int *scanned, const struct cl_node *root, const struct cl_limits *limits, int options, const struct cfgstruct *copt, int odesc, unsigned int *reclev, short contscan);
+int dirscan(const char *dirname, const char **virname, unsigned long int *scanned, const struct cl_node *root, const struct cl_limits *limits, int options, const struct cfgstruct *copt, int odesc, unsigned int *reclev, short contscan);

 int scan(const char *filename, unsigned long int *scanned, const struct cl_node *root, const struct cl_limits *limits, int options, const struct cfgstruct *copt, int odesc, short contscan);

--- a/clamav-devel/clamd/server-th.c
+++ b/clamav-devel/clamd/server-th.c
@ -118,7 +118,7 @@ void sighandler_th(int sig)

 static struct cl_node *reload_db(struct cl_node *root, const struct cfgstruct *copt, int do_check)
 {
-	char *dbdir;
+	const char *dbdir;
 	int virnum=0, retval;
 	struct cfgstruct *cpt;
 	static struct cl_stat *dbstat=NULL;
--- a/clamav-devel/clamscan/manager.c
+++ b/clamav-devel/clamscan/manager.c
@ -763,7 +763,7 @@ int scandirs(const char *dirname, struct cl_node *root, const struct passwd *use
 int checkfile(const char *filename, const struct cl_node *root, const struct cl_limits *limits, int options)
 {
 	int fd, ret;
-	char *virname;
+	const char *virname;

    if((fd = open(filename, O_RDONLY)) == -1) {
 	mprintf("@Can't open file %s\n", filename);
@ -794,7 +794,7 @@ int checkfile(const char *filename, const struct cl_node *root, const struct cl_
 int checkstdin(const struct cl_node *root, const struct cl_limits *limits)
 {
 	int ret;
-	char *virname;
+	const char *virname;


    claminfo.files++;
--- a/clamav-devel/docs/man/clamav.conf.5
+++ b/clamav-devel/docs/man/clamav.conf.5
@ -1,5 +1,5 @@
 .\" Manual page created by Tomasz Kojm, 20021001.
-.TH "clamav.conf" "5" "November 11, 2003" "Tomasz Kojm" "Clam AntiVirus"
+.TH "clamav.conf" "5" "March 14, 2004" "Tomasz Kojm" "Clam AntiVirus"
 .SH "NAME"
 .LP 
 \fBclamav.conf\fR \- a configuration file for Clam AntiVirus Daemon
@ -44,17 +44,27 @@ Log time with each message.
 .br 
 Default: disabled.
 .TP 
+\fBLogClean\fR
+Log clean files.
+.br 
+Default: disabled.
+.TP 
 \fBLogSyslog\fR
 Use system logger (can work together with LogFile).
 .br 
 Default: disabled.
 .TP 
+\fBLogVerbose\fR
+Enable verbose logging.
+.br 
+Default: disabled.
+.TP 
 \fBPidFile STRING\fR
 Save a process identifier of a listening daemon (main thread) to a specified file.
 .br 
 Default: disabled.
 .TP 
-\fBDataDirectory STRING\fR
+\fBDatabaseDirectory STRING\fR
 Path to a directory containing database files.
 .br 
 Default: hardcoded directory.
@ -149,6 +159,11 @@ Close the connection when this limit is exceeded.
 .br 
 Default: disabled.
 .TP 
+\fBScanOLE2\fR
+Enables scanning of Microsoft Office document macros.
+.br 
+Default: enabled.
+.TP 
 \fBScanMail\fR
 Enable scanning of Mbox, Maildir and raw mail files.
 .br 
@ -179,11 +194,21 @@ Number of files to be scanned within archive. Value of 0 disables the limit.
 .br 
 Default: 1000
 .TP 
+\fBArchiveMaxCompressionRatio NUMBER\fR
+Analyze compression ratio and mark potential archive bombs as viruses (0 disables the limit).
+.br 
+Default: 200
+.TP 
 \fBArchiveLimitMemoryUsage\fR
 Use slower decompression algorithm which uses less memory. This option affects bzip2 decompressor only.
 .br 
 Default: disabled
 .TP 
+\fBArchiveDetectEncrypted\fR
+Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR).
+.br 
+Default: disabled
+.TP 
 \fBClamukoScanOnLine\fR
 Enable Clamuko \- on\-access scanner for Linux. Dazuko must be already running.
 .br 
--- a/clamav-devel/docs/man/clamscan.1
+++ b/clamav-devel/docs/man/clamscan.1
@ -1,5 +1,5 @@
 .\" Manual page created by Tomasz Kojm, 14/15 IV 2002
-.TH "clamscan" "1" "February 20, 2004" "Tomasz Kojm" "Clam AntiVirus"
+.TH "clamscan" "1" "March 14, 2004" "Tomasz Kojm" "Clam AntiVirus"
 .SH "NAME"
 .LP 
 clamscan \- scan files and directories against viruses
@ -69,9 +69,15 @@ Move infected files into DIRECTORY. Directory must be writeable for the 'clamav'
 .TP 
 EXTRACTION OPTIONS:
 .TP 
+\fB\-\-no\-ole2\fR
+Disable support for Microsoft Office document files.
+.TP 
 \fB\-\-no\-archive\fR
 Disable archive support built in libclamav.
 .TP 
+\fB\-\-detect\-encrypted\fR
+Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR).
+.TP 
 \fB\-\-max\-files=#n\fR
 Extract first #n files from each archive. This option protects your system against DoS attacks (default: 500)
 .TP 
--- a/clamav-devel/docs/man/freshclam.1
+++ b/clamav-devel/docs/man/freshclam.1
@ -1,5 +1,5 @@
 .\" Manual page created by Tomasz Kojm, 20020415
-.TH "freshclam" "1" "February 20, 2004" "Tomasz Kojm" "Clam AntiVirus"
+.TH "freshclam" "1" "March 14, 2004" "Tomasz Kojm" "Clam AntiVirus"
 .SH "NAME"
 .LP 
 freshclam \- update virus databases
@ -11,7 +11,7 @@ freshclam [options]
 freshclam updates the virus database. It's a part of the Clam AntiVirus package. It requires an Internet connection.
 .SH "OPTIONS"
 .LP 
-Freshclam reads its configuration from freshclam.conf. The settings will be overwritten with command line options.
+Freshclam reads its configuration from freshclam.conf. The settings can be overwritten with command line options.
 .TP 
 \fB\-h, \-\-help\fR
 Output help information and exit.
@ -40,6 +40,9 @@ Run as USER. By default (when started by root) freshclam drops privileges and wo
 \fB\-d, \-\-daemon\fR
 Run in a daemon mode. This option requires \-\-checks.
 .TP 
+\fB\-p FILE, \-\-pid=FILE\fR
+Save daemon's pid in FILE.
+.TP 
 \fB\-c #n, \-\-checks=#n\fR
 Check #n times day for new database. #n must be between 1 and 50.
 .TP 
--- a/clamav-devel/etc/clamav.conf
+++ b/clamav-devel/etc/clamav.conf
@ -136,7 +136,7 @@ MaxDirectoryRecursion 15
 ##

 # This option enables scanning of Microsoft Office document macros.
-#ScanOLE2
+ScanOLE2

 ##
 ## Mail support
@ -186,7 +186,7 @@ ArchiveMaxCompressionRatio 200
 # affects bzip2 decompressor only.
 #ArchiveLimitMemoryUsage

-# Mark encrypted archives as viruses (currently only works with Zip archives)
+# Mark encrypted archives as viruses (Encrypted.Zip, Encrypted.RAR).
 #ArchiveDetectEncrypted


--- a/clamav-devel/freshclam/freshclam.c
+++ b/clamav-devel/freshclam/freshclam.c
@ -35,9 +35,14 @@
 #include <pwd.h>
 #include <grp.h>

+#if defined(CLAMD_USE_SYSLOG) && !defined(C_AIX)
+#include <syslog.h>
+#endif
+
 #include "options.h"
 #include "shared.h"
 #include "others.h"
+#include "clamd/others.h"
 #include "manager.h"
 #include "defaults.h"
 #include "freshclam.h"
@ -167,9 +172,13 @@ int freshclam(struct optstruct *opt)
 	mexit(0);
    }

-
    /* initialize logger */

+    if(cfgopt(copt, "LogVerbose"))
+	logverbose = 1;
+    else
+	logverbose = 0;
+
    if(optc(opt, 'l')) {
 	logfile = getargc(opt, 'l');
 	if(logg("--------------------------------------\n")) {
@ -185,6 +194,15 @@ int freshclam(struct optstruct *opt)
    } else
 	logfile = NULL;

+#if defined(CLAMD_USE_SYSLOG) && !defined(C_AIX)
+    if((cpt = cfgopt(copt, "LogSyslog"))) {
+	openlog("freshclam", LOG_PID, LOG_LOCAL6);
+	use_syslog = 1;
+	syslog(LOG_INFO, "Freshclam started.\n");
+    } else
+	use_syslog = 0;
+#endif
+
    /* change the current working directory */
    if(optl(opt, "datadir")) {
 	newdir = getargl(opt, "datadir");
@ -375,7 +393,7 @@ void help(void)
    mprintf("    --config-file=FILE                   read configuration from FILE.\n");
    mprintf("    --log=FILE           -l FILE         log into FILE\n");
    mprintf("    --daemon             -d              run in daemon mode\n");
-    mprintf("    --pid                -p FILE         save daemon's pid in FILE\n");
+    mprintf("    --pid=FILE           -p FILE         save daemon's pid in FILE\n");
    mprintf("    --user=USER          -u USER         run as USER\n");
    mprintf("    --checks=#n          -c #n           number of checks per day, 1 <= n <= 50\n");
    mprintf("    --datadir=DIRECTORY                  download new databases into DIRECTORY\n");